Data Security: 5 Things Every Business Needs to Know

By Phill24th January 2018

It is difficult to put into words just how big digital content data is.

By 2020, 1.7 megabytes of new data will be created each second for every person on the planet. Within five years, there will be over 50 billion smart connected devices on the planet, all working to collect, analyze and share data.

But aside from getting overwhelmed by the statistics, data is critical to the modern business. The more companies base their operations around digital technology – enterprise software, digital communications, ecommerce and website development, cloud computing – the more data matters.

Every web page hit, every email or instant message sent, every file created and shared, every transaction in digital format generates data to be logged, collected, stored, shared or analysed. On the one hand this creates a near bottomless pool of information a business can draw on to inform decisions and evaluate ways to improve business operations. On the other, data carries a value, either because of the uses it can be put to or because it carries important information in its own right, such as personal details of customers. Because of that value, businesses are obliged to store and protect data carefully.

Data security carries a big burden of responsibility for any business, even more so with the new GDPR requirements coming into force in May 2018.

5 Things you Need to Know about Data Security

1. Database Administration.
Databases take the glut of raw data being continually created out by digital systems and process it into storable, accessible and usable formats. This puts databases on the front line of data management, and they in turn therefore need to be managed carefully.

Companies can sometimes run different database technologies, which adds to the complexity of keeping data on them secure. Without a well planned storage and maintenance inventory, it is easy to lose track of what is stored where and what updates need to be added. Unpatched (i.e. without the latest security updates) and misconfigured databases can expose sensitive information and lead to the wrong access and control permissions being implemented. Technical assistance for database support is therefore strongly advised.

2. Backup Data Storage.
Backing up your data is strongly advised to offer protection in the event of a catastrophic system failure. However, backup storage media does not always offer the same levels of protection which are standard on most database software. Look for products and services which encrypt data before storage.

3. User Privilege.
It is commonly assumed that the biggest threat to data security comes from external threats such as malware attacks. In fact, many security breaches come from abuse of internal user privileges. Providing users with privileges beyond the needs of the job role, such as having access to system administration, can leave data vulnerable. Companies also often forget to revoke user privileges when an employee leaves a company. It is good practice to control and monitor access so any breaches can be traced back through user logs.

4. External threats.
Anti-malware software is a big market, with the promise to protect against highly organised and effective viral attacks on your computer systems, such as the recent spate of Ransomware attacks. Whilst this form of protection is important, be aware that external threats do not begin and end with malware. SQL injection attacks, for example, can provide criminals with unrestricted access to your database via the input fields of your website.

5. Audit Trails.
Do you know who has changed what on your database and when they did it? Databases are there to provide information that people in your organisation can work with. Not logging actions and changes made can lead to serious problems when things go wrong. Implementing audit trails can help recover lost data and return to previous versions prior to an error.

Here's what other people think

Our partnership with WellData has enabled us to resolve critical database problems. Their attitude and service makes them a natural extension to our own technology team, which extends our capability in a critical area of our business.read more

Our partnership with WellData has enabled us to resolve critical database problems. Their attitude and service makes them a natural extension to our own technology team, which extends our capability in a critical area of our business.read more